Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-20685

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

Related bugs and status

CVE-2018-20685 (Candidate) is related to these bugs:

Bug #1794629: CVE-2018-15473 - User enumeration vulnerability

		In	Importance	Status
1794629	CVE-2018-15473 - User enumeration vulnerability	openssh (Ubuntu)	Low	Fix Released
1794629	CVE-2018-15473 - User enumeration vulnerability	openssh (Ubuntu Bionic)	Undecided	Fix Released
1794629	CVE-2018-15473 - User enumeration vulnerability	openssh (Ubuntu Trusty)	Undecided	Fix Released
1794629	CVE-2018-15473 - User enumeration vulnerability	openssh (Ubuntu Cosmic)	Undecided	Fix Released
1794629	CVE-2018-15473 - User enumeration vulnerability	openssh (Ubuntu Xenial)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://cvsweb.openbsd...
MISC: https://github.com/ope...
BID: 106531
MISC: https://sintonen.fi/ad...
UBUNTU: USN-3885-1
DEBIAN: DSA-4387
CONFIRM: https://security.netap...
GENTOO: GLSA-201903-16
MISC: https://www.oracle.com...
MLIST: [debian-lts-announce] ...
MISC: https://www.oracle.com...
REDHAT: RHSA-2019:3702
GENTOO: GLSA-202007-53
CONFIRM: https://cert-portal.si...